c0d60a2292ca99cd81303ccfa5b31a70.exe

General

Target: c0d60a2292ca99cd81303ccfa5b31a70.exe
Size: 449KB
Sample: 201120-wwybyp72r6
Score: 7/10
MD5: c0d60a2292ca99cd81303ccfa5b31a70
SHA1: 0ac5373d16f0e2926948e800f57652718ca1b7fb
SHA256: 86109009a1d1033676de2ac895bdfe4d246837a2db24a339a83de8077581f567
SHA512: 89c0bb9ab8683ea44f93d567fd9441423d4bb27c4ab44c7ded77e7bb5a04e0d9ed9fc173d1fb346e161e372d9e0b7b0ba83b7aa44bc0add751f9511372f69f01

Signatures

  • Deletes itself

  • Loads dropped DLL

  • Reads user/profile data of local email clients

    Description: Email clients store some user data on disk where infostealers will often target it.

    TTPs: Data from Local System, Credentials in Files

  • Reads user/profile data of web browsers

    Description: Infostealers often target stored browser data, which can include saved credentials etc.

    TTPs: Data from Local System, Credentials in Files

  • Checks installed software on the system

    Description: Looks up Uninstall key entries in the registry to enumerate software on the system.

    TTPs: Query Registry

  • JavaScript code in executable

MITRE ATT&CK Matrix

Command and Control, Credential Access, Discovery, Execution, Exfiltration, Impact, Initial Access, Lateral Movement, Persistence, Privilege Escalation

Tasks

static1
behavioral1: 7/10
behavioral2: 7/10